Wednesday, April 20, 2016

Docker and iptables



Docker and firewalling
  • The Docker daemon adds an entry to the host's iptables every time a container exposes a port on the host
  • https://fralef.me/docker-and-iptables.html
  • There are open source projects that wrap this behaviour and prevent it by making a generic ALLOW entry for the port.
  • Weave network for docker 
    • Excellent docker 

Look at docker-fw or dfwfw: these are nothing but interceptors for the Docker daemon / engine that provision some iptables entries in between. The best part is that these services run as a Docker image in privileged mode and do the magic; they also include DNS servers.
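
To see which entries the daemon has made, the sketch below (an added example, not code from docker-fw, dfwfw or the linked article) reads `iptables-save` output and lists the DNAT rules in the `DOCKER` chain of the nat table, marking the ports published on every host address. The function names and the sample ruleset are constructed for illustration.

```shell
# Added example: audit the DNAT rules the Docker daemon inserts for published ports.
# sample_rules is constructed data; on a real host pipe `iptables-save` (as root) instead.
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 127.0.0.1/32 ! -i docker0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.3:5432
COMMIT
*filter
:DOCKER - [0:0]
-A FORWARD -o docker0 -j DOCKER
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save output on stdin; prints one line per published port:
#   <proto> <host-addr>:<host-port> -> <container-ip:port> <ANY-ADDRESS|restricted>
docker_published_ports() {
  awk '
    /^\*/ { table = substr($1, 2) }   # track the current table (*nat, *filter)
    table == "nat" && $1 == "-A" && $2 == "DOCKER" {
      dst = "0.0.0.0/0"; proto = ""; port = ""; to = ""; dnat = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-d")               dst = $(i + 1)
        if ($i == "-p")               proto = $(i + 1)
        if ($i == "--dport")          port = $(i + 1)
        if ($i == "--to-destination") to = $(i + 1)
        if ($i == "-j" && $(i + 1) == "DNAT") dnat = 1
      }
      if (dnat) {
        # No -d match means the rule applies to every address on the host.
        scope = (dst == "0.0.0.0/0") ? "ANY-ADDRESS" : "restricted"
        printf "%s %s:%s -> %s %s\n", proto, dst, port, to, scope
      }
    }'
}

# Only the ports reachable on every host address: the ones to review first.
docker_open_ports() { docker_published_ports | awk '$NF == "ANY-ADDRESS"'; }

sample_rules | docker_published_ports
```

On a live host, `iptables-save | docker_open_ports` gives the list of published ports that a host firewall policy needs to account for.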

Tuesday, April 19, 2016

Containers: are not VMs, containers are of course secured

A recent video debate on container technology and where we are at (I see this video was recorded in October 2015)


A clear spell-out of the difference between virtual machines and containers, worth a watch.
Listen to the myths about containers

  • containers are NOT VMs
  • containers are NOT secured 





More follow up

  • ACI (App Container Image, something like an Amazon AMI) - CoreOS comes up with rkt.
  • OCI (Open Container Initiative)

Open Container Initiative: Home


Thursday, April 7, 2016

Borg, Omega and now the open source version of it, Kubernetes

Excellent articles I came across recently

How container technologies were kicked off by Google (Borg, Omega and now the open source version of it, Kubernetes)

  • https://www.opencontainers.org/
  • https://github.com/opencontainers/runtime-spec/blob/master/ROADMAP.md
  • http://queue.acm.org/detail.cfm?id=2898444

